Router (wired) that supports fair queue?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

NervousEnergy

New Around Here
For the last 4 years or so I've been running a home-built router on an off-lease Dell pizza box PC ($90 from Ebay at the time) with an extra NIC, running IPFire. At the time, this was one of the few home distros that was fairly easy to set up and supported FQ_Codel. My home connection is a Spectrum account that's massively asynchronous - 400 Mbit down and 10 up. Bufferbloat is BAD without FQ - speed tests give my connection an F for BB, and you can see it in twitch gaming with terrible latencies popping up. IPFire with FQ enabled and set just under the upload and download caps completely solved the problem.

Rather embarrassingly, I've lost/forgotten the admin PW for my IPFire installation, and it's nearly a year out of date with updates. Testament to how stable it is. I was going to just re-install the latest version since that only takes 15 minutes or so and there's nothing particularly complex to re-create, but I thought I'd see if there are any simpler hardware routers that support FQ. It can be wired only or wireless, though I've already got a couple of Asus RT-66U's in access point mode and I don't really need a third one where the cable modem is located. I don't mind paying for quality, and we should have gigabit download options available in this neighborhood soon, so I don't want to compromise too much in terms of throughput. This 7 year old PC is massive overkill as is - I think it's an I5 with 8 GB, but I haven't had to worry about not having enough horsepower to run QoS. When I could remember the PW and checked the reports, utilization of proc and memory was nearly nil.

The box is getting old, though, and it's also obviously pretty power-hungry for just running a simple router. Is there an option for a commercial router that can run fair queuing? I tried searching for routers that run FQ_Codel but my google-fu is failing me. I don't need fancy QoS for voice services or such - I just need enough traffic shaping to eliminate bufferbloat. I'll just re-install IPFire if not, but given how important having the home network available at all times during the day has been lately I'd like to look at something solid-state.

Thanks for any suggestions!
 

Greg72

Senior Member
Why are you doing FQ with your connection speed? There is no need to even use it. As for IPFire, just install the new version as a Format and install on your Dell. Really with firmware like Merlin, you really do not need IPFire.
 
Last edited:

avtella

Very Senior Member
pfSense has Fair Queue and also Limiters with FQ_Codel, you could install that or just reinstall ipfire. Main reason I like pfSense is that it also has the pfBlockerNG which is a package equivalent to piHole but more powerful so I’d take a look at that. “Lawrence Systems” YouTube channel has some great videos on pfSense installation and various topics such as setting up limiters. I have a cable connection from Comcast at 1.2 Gbps / 40 Mbps and I use a limiter with FQ_Codel only on the slower upload side on pfSense, my bufferbloat test result is usually an A+/A rating on DSL Reports Speed Test.

For commercial off the shelf router I’d probably get a Qualcomm (better support for open source than Broadcom) based router like the R7800 and install OpenWRT and use SQM “Piece of Cake” option; when I previously had DSL that setup lifted my bufferbloat score from F/D to a consistent A/A+. Cake is a newer development by the same people who worked on FQ_Codel. In my experience it’s done a much better job at managing bufferbloat than FQ_Codel.

This is probably a better option vs your current power guzzling setup if bufferbloat is your main concern and you don’t need any of the other extra stuff from the likes of pfSense and other firewall distros.
 
Last edited:

Trip

Very Senior Member
First off, to correct some probable misguidance:
Why are you doing FQ with your connection speed? There is no need to even use it.
Granted, there could be a host of other issues at play, but after indicating that endpoint latency and gaming behavior was all but normalized with SQM active, I think it's quite obviously a benefit, it not altogether vital, for the OP's use-case. FYI, it's quite likely that it may not be the 400Mb download inducing bloat, but rather the measly 10Mb upload, on which it's not all that hard to approach saturation, or saturate fully, even with just a single client on the network doing background network activity. I would not be so quick to jump to such a sweeping conclusion.
Really with firmware like Merlin, you really do not need IPFire.
An AsusWRT derivative on a Broadcom SoC won't come anywhere close to a fully open-stack Linux distro running running on Qualcomm embedded or x86 hardware, so I'm not sure where you're drawing your logic from with that statement either, but it's not what the OP should be looking at as a solution, regardless.

As for the suggestions to use pfSense (or OPNsense), or any BSD-derivative, SQM has been back-ported to run on those platforms yes, but the utmost of fine-tuning will not be as available nor will the overall de-bloating be potentially as effective as it would on a fully open-stack Linux distro, as that's where the kernel driver integration is best supported, plus where you'll have the most breadth and depth of feature set (such as more qdiscs like CAKE, etc.).

For 410Mb/s of SQM now, and potentially 1-2Gb/s in the future, I would definitely stick with an x86 box, as almost any embedded ARM/MIPS platform, whether wired or all-in-one, probably won't even be able to approach, let alone handle, 1Gb/s+; definitely not an R7800, and probably not even a UniFi Dream Machine (or UDM Pro). To solve the power draw issue, I would run either a thin client (such as an HP T730 with an Intel I350 card in it) or an embedded box, such as a i3 or even i5 Qotom or Protectli unit with onboard Intel NICs (examples on Amazon), the former of which would likely be under 20-30 watts, the latter probably <10 (!). And of course do all-SSD storage for either.

Once you get the hardware, you're free to reflash IPFire or any other Linux-based firewall OS (Alpine, Endian, OpenWRT, VyOS, etc.).

So that's ultimately the route I think you should take. Hope that's of some value to you.
 

NervousEnergy

New Around Here
Excellent, thanks - after looking at UniFi and some used off-lease Cisco enterprise boxes I was afraid the X86 route with a distro was still going to be the simplest and most effective, though with power and heat costs. My home office can get pretty toasty in the summer with ambients pushing 80 despite the rest of the house at 75, just due to the heat the gaming PC, SFF HP FW box, and UPS put out. That Protectli unit is amazing. A bit on the pricey side, but you get what you pay for. I'll look at a used 7800 for a backup device.

The F- bufferbloat is almost certainly from the miniscule upload - between myself, wife, and college (all at home now) daughter all hitting video calls at the same time it can get pretty busy. Between laptops, 3 PCs, 3 phones, DTV DVR and Genie boxes, Amazon boxes, 3 consoles, printers, etc. there are over 30 devices that can do something as simple as check for updates at any time. Even all that wouldn't be much of a problem if I didn't like to indulge in competitive Overwatch breaks - traffic dashboards show I've got plenty of bandwidth, but without traffic shaping I go from 40ms latency to over 500 randomly which makes the game unplayable. It's been nearly 4 years of perfect with IPFire set to 380 down / 9 up. Moving the 9 up as little as .5 more to 9.5 makes the DSLReports speed test go from A to F- on BB.

I'll buy the Protectli and load the latest IPfire on that, and actually write down the admin PW this time. I've got an annual donation to IPFire.org set up since they've been a godsend for me and don't charge a thing.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top